Connecting to SMTP Virtual Server from Internet

Posted on 2006-10-24
Last Modified: 2013-11-15

I'm going to make my SBS2003 sit in the recieving end of a SMTP store and forward chain. With my ISP using sendmail he'll collect all my mail in one place and then forward it directly to my server. Im opening port 25 in my router and pointing it at SBS2003 (1 nic no ISA) and I'm filtering IPs at the Virtual Server settings.

Before I do all this I'm testing my setup. I can use Outlook Express to send SMTP directly to the SBS inside the LAN though if I try connect from outside the LAN going via the router (using DYNDNS, and a "virtual server" port forward on port 25 on a D-Link 604 Router) it fails miserably all the time. Is there any hoops I must jump through to make this happen?

Im getting:
OE: Protokoll: SMTP, Port: 25, Secure (SSL): Nej, Socket-fel: 10053, Felnummer: 0x800CCC0F
Outlook 2003: with the "Test account"-feature I get ok on finding the server but an err on sending a testmail

Question by:ola_erik
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 17796611
This sounds so incredibly complicated.  Why are you doing it this way?  Just because you have a Dynamic IP doesn't mean that you can't have your Exchange Server receive email directly.

Also, why are you using Outlook Express and not Outlook 2003?  Outlook Express cannot be configured with an Exchange Account.

You also would configure all of this with the Configure Email and Internet Connection Wizard (CEICW -- which is linked as Connect to the Internet in the Server Management Console > Internet and Email)

A visual how-to is here: and a full networking overview for SBS is at

Within that wizard you'll see a "more information" button on each screen that has invaluable help in deciding which options to select.  
Be sure to check those out as well.

None of it should be done manually.

Please review for the steps necessary to configure Exchange for SMTP.


Author Comment

ID: 17797003
Hmm you're not reading my post.

I'm using OE to test if SBS2003 virtual SMTP server is functioning. And it is, inside the LAN but not from outside, which seems pretty wierd. AFAIK it should be the same thing if auth is off in the VS and it is.

So Im guessing there is some hurdle to having SBS2003 SMTP VS accepting incoming mail and that is the question.

Lol I guess I'll try rerun some wizards before I try anything else. :-)

Author Comment

ID: 17797516
I've done the CEICW and forwarded my router port 25 to SBS. I assume that I can use OE (or Outlook 2003 for that matter) to test the functionality of SMTP VS over Internet as I can on the LAN.

OE briefly says. "authenticating" and then gives the error msg... :-(

I guess there is quite some difference between a SMTP server and OE and OE functionality isnt an indicator of SMTP functionalty?

Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 17798695
You don't need to test that the SMTP server is functioning internally.  There is no benefit in doing this.  

You should instead use something like to test your SMTP availability.

You otherwise should only test your server manually with Telnet.  Follow the steps in this KB article for that:


Expert Comment

ID: 17800279
I shouldn't even mention this on the SBS forum but if your ISP has sendmail and is willing to do store and forward then you could just ask them to do ETRN instead - gets round the dynamic DNS issue as your server opens the connection to receive the emails from the SMTP server. Thats all much more complicated than necessary though, sort of thing Linux people do.

You're not having any luck with OE/Outlook probably because the SBS SMTP server will not relay email from a non-local address, you have to be sending it to an email address that exists on the SBS server.

Back in SBS world, do as TechSoEasy says.

Ideally get a fixed IP but I've used dynDNS with SBS before without a major problems. I'd of thought it better to get your domain host to configure your DNS MX (mail exchange) primary as the SBS server and then the secondary as your ISP for a backup. Sounds like you've configured your router fine and if you've done the CEICW then it should all work without any reconfiguration.
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 17800347
Actually I don't know why you would be hesitant to mention that here... ETRN is easily configured on an SBS and certainly can be.  But I just find that it's not as efficient, and generally isn't used unless the SBS has a dial-up connection.


Author Comment

ID: 17802931
Hmm it seems my traffic (from home) is blocked somehow.

I port forwarded port 25 and enabled anon login on the server and had no prob telnetting from another location and sending mail thru command line (Putty to friend with ISP without any traffic blocks and telnet from there)

I still couldnt telnet to the port from home, neither to port 8025.(another p fw)..strange.

Thx for the links to the wizard info, Ive been through both them and most of the Info they point to was known to me.

I certainly hear you Jeff on the simplicity argument and Im going in that direction.

The basic issue is how safe the MS SMTP VS is and if we want it open to the world.
(I have to do IP filtered port forward on my DI-604 DLINK router, does FW-rules override port forwards and how...tadadadadaaa?) My Unix-leaning friend doesnt think we should the world see our MS SMTP VS at all since its MS and will be hacked by spammers and their like in a jiffy. Also, its a small-midsize firm and we're not there doing instant patching on the releaseday all the time etc.

Jeff, whats your experience on this. Can you shoot a few points from the hip on paranoid is it practical and relevant to be? They are on a well known ISP (scanning) but are totally off the public radar (news, politics, controversies etc).


LVL 74

Accepted Solution

Jeffrey Kane - TechSoEasy earned 250 total points
ID: 17819991
Tell your Unix-leaning friend that if he's going to advise you that he should use facts, not his bias.  I manage both Windows SMTP servers and Unix SMTP servers, and while I don't have the hard facts, I can tell you that my Exim servers (UNIX) get attacked 100+ times a day.  My Windows Server get's maybe 2 or 3 attempts.

And I think your reasoning is right... my UNIX servers are at a NOC (EV1 Servers), and the Windows Servers are all SBS's.


Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

How to fix error ""Failed to validate the vCentre certificate. Either install or verify the certificate by using the vSphere Data Protection Configuration utility" when you are trying to connect to VDP instance from Vcenter.
The article will include the best Data Recovery Tools along with their Features, Capabilities, and their Download Links. Hope you’ll enjoy it and will choose the one as required by you.
This tutorial will walk an individual through the process of configuring basic necessities in order to use the 2010 version of Data Protection Manager. These include storage, agents, and protection jobs. Launch Data Protection Manager from the deskt…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question